8018688837cddbc6e01a729ebd88cb41

Sharing

Copy URL

Twitter E-mail

General

Target

8018688837cddbc6e01a729ebd88cb41
Size

540KB
MD5

8018688837cddbc6e01a729ebd88cb41
SHA1

dd1d4341340c77ecd7345f2b537fa6281ca186a3
SHA256

e67910442a47a80b2d0f01be4e99339586d2476000a9ada39b3787ee8361f8fc
SHA512

4e5ecab5b4576627bb474cacaf9ab135f22a5e11e99a935c7b136f0874fd425a56041eaa594d049cf8ec835168359b99079b371a8efe57d2146f710c20ed9bec
SSDEEP

12288:oFZCv7TnOqMiWaf7BI3aJdJZie1LRgT4y9MMnMMMMMtM/E:UZCzTOqx97BRa0OLMMnMMMMMt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8018688837cddbc6e01a729ebd88cb41

Files

8018688837cddbc6e01a729ebd88cb41
.exe windows:4 windows x86 arch:x86

0e73bf8cbba528bb5b07eecc062bc604

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreate

ntdll

RtlAddAuditAccessAceEx

kernel32

GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapFree
GetLocalTime
WriteFile
EnterCriticalSection
GetCPInfo
MultiByteToWideChar
SizeofResource
WideCharToMultiByte
GetEnvironmentStringsW
GetTimeFormatW
GetSystemInfo
LocalAlloc
LocalSize
LoadResource
CompareStringA
lstrlenA
HeapCreate
GetCommandLineA
LockResource
GlobalReAlloc
GetNumberFormatW
CreateFileW
GetCurrentThreadId
FreeEnvironmentStringsA
GetDateFormatW
GetModuleFileNameW
GetCurrentProcessId
FindResourceExW
CreateEventW
GetCurrentProcess
IsBadReadPtr
CompareStringW
GetThreadLocale
InterlockedDecrement
HeapReAlloc
ExitProcess
lstrcmpiA
CreateThread
LocalReAlloc
EnumCalendarInfoW
GetLocaleInfoW
LocalFree
lstrcmpiW
SetHandleCount
FreeResource
lstrcmpW
SetLastError
GetWindowsDirectoryW
TlsFree
GetStringTypeA
LCMapStringW
GlobalFree
GlobalUnlock
DeleteCriticalSection
TlsAlloc
GetModuleFileNameA
GetStringTypeExW
IsBadWritePtr
FreeEnvironmentStringsW
GlobalHandle
UnhandledExceptionFilter
GetLocaleInfoA
GetProcAddress
InterlockedExchange
MapViewOfFile
GetOEMCP
LoadLibraryA
MulDiv
VirtualProtect
UnmapViewOfFile
TlsSetValue
InterlockedIncrement
GetVersionExA
HeapDestroy
LCMapStringA
FindResourceExA
GetStringTypeW
EnumResourceLanguagesW
GlobalAddAtomW
CreateFileMappingW
GetUserDefaultLangID
GetUserDefaultLCID
InitializeCriticalSection
SetFilePointer
GetFileSize
InterlockedCompareExchange
GetStdHandle
WaitForSingleObject
GetTickCount
GetModuleHandleA
lstrcmpA
Sleep
GetACP
GetModuleHandleW
TlsGetValue
FreeLibrary
SetUnhandledExceptionFilter
lstrcpynW
HeapAlloc
GetFileType
lstrlenW
GetLastError
GlobalAlloc
GetProcessHeap
FindResourceW
VirtualAlloc
GetStartupInfoA
VirtualFree
FlushFileBuffers
CloseHandle
LoadLibraryW
TerminateProcess
GetEnvironmentStrings
GetSystemDefaultLCID
VirtualQuery
DisableThreadLibraryCalls
LeaveCriticalSection
SetStdHandle
SetEvent

gdi32

CreatePalette
SetDIBits
GetDIBits
CreateRoundRectRgn
Polyline
CreateSolidBrush
SetWindowOrgEx
GetObjectW
SaveDC
CreateHalftonePalette
CreateDIBSection
SelectClipRgn
SelectObject
TranslateCharsetInfo
CreatePen
StretchBlt
GetPixel
GetTextExtentPointW
GetClipBox
RestoreDC
CreatePolygonRgn
CreateBitmapIndirect
GetStockObject
SetTextColor
IntersectClipRect
GetTextMetricsW
SetPixel
SetBkColor
PatBlt
FillRgn
MoveToEx
CreatePatternBrush
SetDIBColorTable
FrameRgn
GetDeviceCaps
CreateRectRgnIndirect
BitBlt
ExtTextOutA
CreateFontIndirectW
CreateBitmap
Rectangle
GetTextExtentPoint32W
GetViewportExtEx
CreateCompatibleDC
OffsetWindowOrgEx
RealizePalette
DeleteDC
GetDCOrgEx
GetTextColor
ExtTextOutW
CreateRectRgn
ExtSelectClipRgn
GetDIBColorTable
StretchDIBits
ExcludeClipRect
GetCharWidthA
RectVisible
SetTextAlign
GetTextCharsetInfo
CreateFontW
GetWindowExtEx
DeleteObject
GetBkColor
SetBrushOrgEx
GetCharWidthW
Ellipse
UnrealizeObject
GetPaletteEntries
SetBkMode
SetPixelV
OffsetRgn
CreateCompatibleBitmap
GetTextAlign
GetClipRgn
TextOutW
Arc
SelectPalette
GetCurrentObject
CombineRgn
MaskBlt
GetTextExtentPointA
EnumFontFamiliesExW
GetNearestColor
GetBitmapBits
LineTo

advapi32

RegCreateKeyExW
FreeSid
OpenProcessToken
CheckTokenMembership
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenCurrentUser
RegCreateKeyW
AllocateAndInitializeSid
RegQueryValueExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueW

atl

AtlModuleRegisterClassObjects

Sections

.text
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 432KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e73bf8cbba528bb5b07eecc062bc604

Headers

File Characteristics

Imports

ddraw

ntdll

kernel32

gdi32

advapi32

atl

Sections

.text Size: 4KB - Virtual size: 920B

.rdata Size: 432KB - Virtual size: 429KB

.data Size: 12KB - Virtual size: 2.0MB

.idata Size: 8KB - Virtual size: 5KB

.rsrc Size: 80KB - Virtual size: 77KB

.text
Size: 4KB - Virtual size: 920B

.rdata
Size: 432KB - Virtual size: 429KB

.data
Size: 12KB - Virtual size: 2.0MB

.idata
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 80KB - Virtual size: 77KB